AMENDMENTS TO THE CLAIMS 



This listing of claims will replace all prior versions, and listings, of claims 
in the application: 

Listing of Claims: 



1. (Currently Amended) A method for using query signatures to [[provide security for a database]] detect structured query language (SQL) injection, comprising:
    initializing a signature cache, wherein initializing the signature cache involves:
        trapping database queries in a controlled environment,
        parsing the database queries to produce a set of valid signatures, wherein parsing the database queries involves determining signatures for the queries, wherein the signature [[specifies a structure based on operations for the query and is independent of the value of literals in the query]] comprises SQL keywords contained in the corresponding query with literals removed, and
        storing the valid signatures in the signature cache;
    receiving a query at the database;
    parsing the query at the database to determine a signature for the query, wherein the signature comprises SQL keywords contained in the corresponding query with literals removed [[specifies a structure based on operations for the query and is independent of the value of literals in the query and wherein the signature is constructed from structured query language (SQL) keywords of the query]];
    determining if the signature is located in the signature cache, which contains signatures for valid queries; and
    if so, processing the query, otherwise, [[triggering a mismatch alert]] identifying the query as being SQL injected and rejecting the query.

2. (Cancelled)

3. (Previously Presented) The method of claim 1, wherein the mismatch alert throws an error.

4. (Previously Presented) The method of claim 1, wherein the mismatch alert is sent to a database administrator and the query is processed.

5. (Previously Presented) The method of claim 1, wherein the mismatch alert is sent to a requesting application, thereby allowing the requesting application to take action.

6. (Cancelled)

7. (Original) The method of claim 1, wherein if the signature generates a mismatch alert and if the query is a valid query, the method further comprises allowing a database administrator to add the signature to the signature cache.

8. (Currently Amended) A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for using query signatures to [[provide security for a database]] detect SQL injection, wherein the computer-readable storage medium includes magnetic and optical storage devices, disk drives, magnetic tape, CDs (compact discs), and DVDs (digital versatile discs or digital video discs), the method comprising:
    initializing a signature cache, wherein initializing the signature cache involves:
        trapping database queries in a controlled environment,
        parsing the database queries to produce a set of valid signatures, wherein parsing the database queries involves determining signatures for the queries, wherein the signature comprises SQL keywords contained in the corresponding query with literals removed [[specifies a structure based on operations for the query and is independent of the value of literals in the query]], and
        storing the valid signatures in the signature cache;
    receiving a query at the database;
    parsing the query at the database to determine a signature for the query, wherein the signature comprises SQL keywords contained in the corresponding query with literals removed [[specifies a structure based on operations for the query and is independent of the value of literals in the query and wherein the signature is constructed from structured query language (SQL) keywords of the query]];
    determining if the signature is located in the signature cache, which contains signatures for valid queries; and
    if so, processing the query, otherwise, identifying the query as being SQL injected and rejecting the query [[triggering a mismatch alert]].

9. (Cancelled)

10. (Previously Presented) The computer-readable storage medium of claim 8, wherein the mismatch alert throws an error.

11. (Previously Presented) The computer-readable storage medium of claim 8, wherein the mismatch alert is sent to a database administrator and the query is processed.

12. (Previously Presented) The computer-readable storage medium of claim 8, wherein the mismatch alert is sent to a requesting application, thereby allowing the requesting application to take action.

13. (Cancelled)

14. (Original) The computer-readable storage medium of claim 8, wherein if the signature generates a mismatch alert and if the query is a valid query, the method further comprises allowing a database administrator to add the signature to the signature cache.

15. (Currently Amended) An apparatus for using query signatures to detect SQL injection [[provide security for a database]], comprising:
    an initialization mechanism configured to initialize a signature cache, wherein when initializing the signature cache, the mechanism is configured to:
        trap database queries in a controlled environment,
        parse the database queries to produce a set of valid signatures, wherein parsing the database queries involves determining signatures for the queries, wherein the signature [[specifies a structure based on operations for the query and is independent of the value of literals in the query]] comprises SQL keywords contained in the corresponding query with literals removed, and
        store the valid signatures in the signature cache;
    a receiving mechanism configured to receive a query at the database;
    a parsing mechanism configured to parse the query at the database to determine a signature for the query, wherein the signature comprises SQL keywords contained in the corresponding query with literals removed [[specifies a structure based on operations for the query and is independent of the value of literals in the query and wherein the signature is constructed from structured query language (SQL) keywords of the query]];
    a matching mechanism configured to determine if the signature is located in the signature cache, which contains signatures for valid queries;
    a processing mechanism configured to process the query if the signature is located in the signature cache; and
    an alerting mechanism configured to identify the query as being SQL injected and rejecting the query [[trigger a mismatch alert]] if the signature is not located in the signature cache.

16. (Cancelled)

17. (Previously Presented) The apparatus of claim 15, wherein the mismatch alert throws an error.

18. (Previously Presented) The apparatus of claim 15, wherein the mismatch alert is sent to a database administrator and the query is processed.

19. (Previously Presented) The apparatus of claim 15, wherein the mismatch alert is sent to a requesting application, thereby allowing the requesting application to take action.

20. (Cancelled)




APJ W:\Oracle Corporation\OR03\OR03-15501\Amendment F OR03-15501.doc 



21. (Original) The apparatus of claim 15, further comprising an adding mechanism configured to allow a database administrator to add the signature to the signature cache if the signature generates a mismatch alert and if the query is a valid query.
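The method recited in claims 1 and 7, sketched in Python as an added example that is not code from the application: signatures are learned from trapped queries, and each incoming query is processed or rejected by cache lookup. The keyword subset, the regex-based literal stripping (standing in for the database's own parser), and the names `SignatureCache`, `check` and `admin_add` are assumptions made for illustration; the sample queries are constructed.

```python
import re

# Assumed keyword subset; a database would take these from its own SQL grammar.
KEYWORDS = {"SELECT", "INSERT", "UPDATE", "DELETE", "FROM", "WHERE", "INTO",
            "VALUES", "SET", "AND", "OR", "NOT", "UNION", "ALL", "JOIN", "ON",
            "ORDER", "GROUP", "BY", "HAVING", "LIKE", "IN", "DROP", "TABLE"}

STRING_LITERAL = re.compile(r"'(?:[^']|'')*'")    # '' is an escaped quote
NUMBER_LITERAL = re.compile(r"\b\d+(?:\.\d+)?\b")
WORD = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")

def signature(query):
    """Ordered tuple of SQL keywords left once literals are removed."""
    # Literals go first so keyword-like text inside a string is never counted.
    stripped = NUMBER_LITERAL.sub(" ", STRING_LITERAL.sub(" ", query))
    words = (w.upper() for w in WORD.findall(stripped))
    return tuple(w for w in words if w in KEYWORDS)

class SignatureCache:
    def __init__(self, trapped_queries):
        # Initialization: queries trapped in a controlled environment
        # define the set of valid signatures.
        self.valid = {signature(q) for q in trapped_queries}

    def check(self, query):
        """'process' when the signature is cached, otherwise 'reject'."""
        return "process" if signature(query) in self.valid else "reject"

    def admin_add(self, query):
        # Claim 7 path: an administrator accepts a valid query that mismatched.
        self.valid.add(signature(query))

# Constructed sample data: two application queries seen during initialization.
TRAPPED = [
    "SELECT id, name FROM users WHERE name = 'alice' AND password = 'pw1'",
    "UPDATE users SET name = 'bob' WHERE id = 7",
]
# Constructed incoming queries: same structure, tautology, comment truncation.
SAME_SHAPE = "SELECT id, name FROM users WHERE name = 'carol' AND password = 'zz'"
TAUTOLOGY = "SELECT id, name FROM users WHERE name = '' OR '1'='1' AND password = ''"
TRUNCATED = "SELECT id, name FROM users WHERE name = 'admin' --' AND password = 'x'"
KEYWORD_IN_LITERAL = "UPDATE users SET name = 'select or union' WHERE id = 99"
NEW_FEATURE = "DELETE FROM users WHERE id = 3"
```

Because the signature holds only keywords, input that changes a literal's value without adding or removing a keyword yields the same signature as the learned query.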